OpenBSD manual page server

Manual Page Search Parameters

RFC1413(3) Library Functions Manual RFC1413(3)

rfc1413libwrap client side ident implementation

#include <tcpd.h>

int
rfc1413(struct sockaddr *rmt_sin, struct sockaddr *our_sin, char *dest, size_t dsize, int ident_timeout_time);

() retrieves a user name from a remote system using the ident protocol described in RFC 1413. It is implemented in the libwrap.a library.

() takes two sockaddr pointers as parameters: rmt_sin for the remote host end of a connected TCP socket, and our_sin for the local end. dest should be allocated by the caller to store the found username, and must be of length at least dsize. ident_timeout_time is a timeout in seconds on the entire ident query, used to ensure that you don't wait forever for a slow or unresponsive remote host to answer the ident query.

When username lookup is successful, rfc1413() strips the trailing CRLF from the returned value and stores up to dsize - 1 bytes of the returned username into dest, always terminating with a NUL byte. In this case 0 is returned. rfc1413() returns -1 if any failure occurs such that it was unable to retrieve the remote username.

hosts_access(3)

The ident protocol only works on TCP sockets.

Ident connections are made unencrypted, and nothing prevents the remote server from lying about who the user is. Consequently, ident should never be used to authenticate users. ident is however, quite useful for logging users of connections from multiuser machines that can be trusted not to lie about it.

May 31, 2007 OpenBSD-5.4